Requirements¶
SAFE People¶
| ID | Description | Requirement Type | Role |
|---|---|---|---|
| PEOPLE-01 | Individuals MUST be able to supply user identification information to the data custodian to verify identity | Functional | RE, TA, DC |
| PEOPLE-02 | Individuals or Organisations must be able to supply their Accredited / Approved / Bonafide researcher status or equivalent to the data custodian to verify their status | Functional | RE, TA*, DC |
| PEOPLE-03 | Individuals are afforded opportunities to undertake and renew their Information Governance Training in support of their Accreditation status | Non-Functional | RE, TA, DC |
| PEOPLE-04 | Organisations must be able to provide information on appropriate governance and administrative arrangements, security and privacy arrangements and technical skills and capabilities to protect, manage and use data | Functional | PO |
| PEOPLE-05 | Individuals must be able to use their existing identities from their affiliated organisations to authenticate using 2FA and use services from data custodians, which offers a level of organisation control of individual access to data | Functional | RE, TA |
| PEOPLE-06 | TRE providers must be able to apply authorisation policies to enable access to services and share authorisation decisions to enable system-wide intelligence of an individual’s access rights | Functional | TA |
| PEOPLE-07 | TRE providers should maintain and record of all user access performed by Individuals for audit purposes | Non-Functional | TA |
| PEOPLE-08 | TRE Providers should be able disbar users in breach of service with an appeals process | Non-Functional | TA |
SAFE Project¶
| ID | Description | Requirement Type | Role |
|---|---|---|---|
| PROJECT-01 | Individuals and organisation must be able to provide detailed project descriptions including project methodology, funder/sponsor information, ethics approvals and time period of access | Functional | RE, DC |
| PROJECT-02 | Data Custodians must provide detailed guidance of the data access request process, including time frames, requirements and decision making process | Non-Functional | DC |
| PROJECT-03 | Data Custodians must provide the ability for Individuals and organisations to submit and process enquiries of the data prior to submission of a formal access request | Functional | DC |
| PROJECT-04 | Data Custodians must provide a proportionate data access request form to collect all relevant information about the individual/organisation’s project | Functional | DC |
| PROJECT-05 | Data Custodians must inform and update individuals on the status & processing times of their application and allow for individual appeals process | Functional | DC |
| PROJECT-06 | Data Custodians must demonstrate meaningful involvement of patient and public / lay representatives in the data access decision making process. | Non-Functional | DC |
| PROJECT-07 | TRE providers must allow individuals to specify software, research code, reference data, configurations to be deployed with their SAFE Setting which may be subject to a review process before deployment | Functional | DC, TA |
| PROJECT-08 | TRE provider must make every attempt to support the ongoing collaboration between project members, including provide collaboration software – Git, Shared docs | Functional | TA, SI |
| PROJECT-09 | Data Custodian must maintain a public Data Use Register that is updated in ‘real time’ with approved projects | Functional | DC |
SAFE Data¶
| ID | Description | Requirement Type | Role |
|---|---|---|---|
| DATA-01 | Data Custodians must provide descriptive, semantic and technical metadata about their datasets publicly available in human and machine readable form | Functional | DC |
| DATA-02 | Data Custodians must provision data using a standardised format supporting well-known data standards, e.g. See HDR UK Data Standards Green Paper | Functional | DC |
| DATA-03 | Data custodians must provide a lay summary of how they manage direct identifiers within their source data assets prior to onboarding into the TRE. | Non-Functional | DC |
| DATA-04 | TRE Providers should provide data linkage services to allow users to request linkage of datasets with data held internally or externally to the TRE provider | Non-Functional | TA, DC |
| DATA-05 | TRE providers should implement appropriate data minimisation proportionate to sensitivity and the approved use of the data | Non-Functional | TA |
| DATA-06 | TRE providers must encrypt their data at rest and in transit with client-held keys with an auditable access log | Non-Functional | TA |
| DATA-07 | TRE providers should be able to provision minimised data into project specific workspaces that maintain the integrity of the provisioned data and ensure multi-tenant security and privacy | Functional | DE |
| DATA-08 | TRE provider should provide mechanisms and process for researchers to request ingress of external (additional) data to be used by researchers as part of their research | Functional | DE |
SAFE Setting¶
| ID | Description | Requirement Type | Role |
|---|---|---|---|
| SETTING-01 | TRE providers must implement processes and systems that hold and managed data securely, encrypted at rest with client-held encryption keys | Non-Functional | TA |
| SETTING-02 | TRE providers must implement mechanisms to provision a minimised dataset bespoke to the individuals request encrypted with a separate key accessible by the project individuals | Functional | DE |
| SETTING-03 | TRE providers must provide ingress and egress (where allowed) to transfer data and code securely between SAFE Settings | Functional | DE |
| SETTING-04 | TRE providers must provide a secure environment to allow individuals to perform their analysis using tools supplied by the TRE provider and/or tools requested to be deployed by the individual | Functional | TA |
| SETTING-05 | TRE providers must provide services that allow individuals to remotely execute analysis workflows using TRE supplied tools or research software with minimal hands-on access to the data | Functional | TA |
| SETTING-06 | TRE Providers must publish their security design and implementation reports for review | Non-Functional | SO |
| SETTING-07 | TRE providers must provide assurance statements that ensure their processes and systems are conformant to secure data processing standards – ISO 27001, IGToolkit/DSPT, ONS/UKSA Accredited Processor | Non-Functional | SO |
SAFE Outputs¶
| ID | Description | Requirement Type | Roles |
|---|---|---|---|
| OUTPUT-01 | Individual MUST be able to apply for a data or code release from a TRE including information on dissemination channels | Functional | RE, DE |
| OUTPUT-02 | TRE providers must implement repeatable and timely processes and systems to assess and decide on the data release applications in a consistent manner, including decision provenance & appeals process and support to individuals to undertake output checking themselves with supervision. | Non-Functional | DE |
| OUTPUT-03 | TRE providers must provide open and clear documentation of the statistical disclosure control policies including the assessment criteria | Functional | DE |
| OUTPUT-04 | TRE Providers must provide automated solutions (Airlock), where possible, to assess and decide data release applications and where possible coordinate the transfer of output data to a location specified by the individual | Functional | DE |
| OUTPUT-05 | TRE Airlock managers should aim to harmonise and coordinate output checking and data release management processes with other TRE Airlock managers | Non-Functional | DE |
| OUTPUT-06 | TRE providers and Individuals must ensure appropriate training is afforded to staff and individuals to ensure individuals are able to produce outputs that require minimal effort to check | Non-Functional | TA |
| OUTPUT-07 | TRE Providers must provide a mechanisms to archive an entire project workspace for a determined duration | Functional | TA, DE |